WebApp Sec mailing list archives
Re: phpBB Ban
From: Ole Martin Eide <ole () emag no>
Date: Wed, 20 Apr 2005 17:49:02 +0200
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Joseph Miller wrote:
The reason that I think that a ban would be important for a project such as phpBB is because of its wide use. One attacker could spend a single day and attack hundreds or even thousands of websites that have pbpBB using a single script and a web search engine. This type of wide deployment makes this program more of a risk than just a problem with one or two servers. This type of problem becomes global.
The use of 'Windows' is also widespread. Over the years it has been patched more times than a human can count. Does this mean administrators should enforce the use of other operating systems? To make a sharp statement; most web scripts around has some kind of bug, at some point, that will compromise the site and/or even more. My view is that there will always be bugs, and people to find them and use them. So the only thing we can do is to prepare for it to happen. Thank god for mod_sec :) - -- Med vennlig hilsen / Regards Ole Martin Eide -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (MingW32) iD8DBQFCZnnu0VCmgbOm9IMRArL3AJ9D+9ZBNQR9fiBwJdtzkkb0i6cNagCfeyQC 0l1yuDx0aw5zYn8LJaLre7U= =4ps8 -----END PGP SIGNATURE-----
Current thread:
- Re: phpBB Ban Ole Martin Eide (Apr 20)
- Re: phpBB Ban Joseph Miller (Apr 21)
- Re: phpBB Ban Mark Susol Ultimate Creative Media (Apr 21)